Detroit Symphony Orchestra
Detroit Symphony Orchestra
Group: snatch
Discovered by ransomware.live: 2023-11-02
Estimated attack date: 2023-11-01
Description:
The Detroit Symphony Orchestra, America’s fourth-oldest, has a history as varied and exciting as that of its hometown. The DSO has been at the center of Detroit’s musical heartbeat for more than 130 years, but it has faced plenty of challenges – including finding stages
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 0
Compromised Users: 12
Third Party Employee Credentials: 0
External Attack Surface: 8
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- d178242b.ess.barracudanetworks.com.
- d178242a.ess.barracudanetworks.com.
TXT Records
- duo_sso_verification=crgdWbaCCBVCkIogQpSrBEMAtMgbYhiNyeHBS3xXShgJPdeI2pWAtiFYGp5xeGhu
- GjiVTXx3HJsndG5dr0eLrFG9X/ENw6YkdYRBg85YzTOzFDFW09EsgMj29mmcS/rH65SQK3MJy6px8f++pnRGoA==
- v=verifydomain MS=4064629
- v=spf1 include:spf.ess.barracudanetworks.com include:spf.protection.outlook.com -all
- bw=MZ7JdqsVsWbLEw8UVAzCbzvUBdEMGkIRge88a2B7zA75
- facebook-domain-verification=bd661xtkqmtspu9rfh7qdhy9it47o9
- RX3IFQNQXZF7MHYRRIDOOFA9W97WYRMBWF23IJHGN
- Foxit-domain-verification=249164ffe9684b7b0e8669a170384bea
- ZOOM_verify_fIhtKXBiLzWOjOAbZarGGu
Cloud / SaaS Services Detected
Microsoft 365
Cisco Duo
Zoom
Leak Screenshot:
